"Fossies" - the Fresh Open Source Software Archive

Member "jitsi-meet-5186/resources/prosody-plugins/mod_turncredentials.lua" (30 Jul 2021, 2965 Bytes) of package /linux/misc/jitsi-meet-5186.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Lua source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file.

    1 -- XEP-0215 implementation for time-limited turn credentials
    2 -- Copyright (C) 2012-2014 Philipp Hancke
    3 -- This file is MIT/X11 licensed.
    4 
    5 --turncredentials_secret = "keepthissecret";
    6 --turncredentials = {
    7 --    { type = "stun", host = "8.8.8.8" },
    8 --    { type = "turn", host = "8.8.8.8", port = "3478" },
    9 --    { type = "turn", host = "8.8.8.8", port = "80", transport = "tcp" }
   10 --}
   11 -- for stun servers, host is required, port defaults to 3478
   12 -- for turn servers, host is required, port defaults to tcp,
   13 --          transport defaults to udp
   14 --          hosts can be a list of server names / ips for random
   15 --          choice loadbalancing
   16 
   17 local st = require "util.stanza";
   18 local hmac_sha1 = require "util.hashes".hmac_sha1;
   19 local base64 = require "util.encodings".base64;
   20 local os_time = os.time;
   21 local secret = module:get_option_string("turncredentials_secret");
   22 local ttl = module:get_option_number("turncredentials_ttl", 86400);
   23 local hosts = module:get_option("turncredentials") or {};
   24 if not (secret) then
   25     module:log("error", "turncredentials not configured");
   26     return;
   27 end
   28 
   29 module:add_feature("urn:xmpp:extdisco:1");
   30 
   31 function random(arr)
   32     local index = math.random(1, #arr);
   33     return arr[index];
   34 end
   35 
   36 
   37 module:hook_global("config-reloaded", function()
   38     module:log("debug", "config-reloaded")
   39     secret = module:get_option_string("turncredentials_secret");
   40     ttl = module:get_option_number("turncredentials_ttl", 86400);
   41     hosts = module:get_option("turncredentials") or {};
   42 end);
   43 
   44 module:hook("iq-get/host/urn:xmpp:extdisco:1:services", function(event)
   45     local origin, stanza = event.origin, event.stanza;
   46     if origin.type ~= "c2s" then
   47         return;
   48     end
   49     local now = os_time() + ttl;
   50     local userpart = tostring(now);
   51     local nonce = base64.encode(hmac_sha1(secret, tostring(userpart), false));
   52     local reply = st.reply(stanza):tag("services", {xmlns = "urn:xmpp:extdisco:1"})
   53     for idx, item in pairs(hosts) do
   54         if item.type == "stun" or item.type == "stuns" then
   55             -- stun items need host and port (defaults to 3478)
   56             reply:tag("service",
   57                 { type = item.type, host = item.host, port = tostring(item.port) or "3478" }
   58             ):up();
   59         elseif item.type == "turn" or item.type == "turns" then
   60             local turn = {}
   61             -- turn items need host, port (defaults to 3478),
   62               -- transport (defaults to udp)
   63               -- username, password, ttl
   64             turn.type = item.type;
   65             turn.port = tostring(item.port);
   66             turn.transport = item.transport;
   67             turn.username = userpart;
   68             turn.password = nonce;
   69             turn.ttl = tostring(ttl);
   70             if item.hosts then
   71                 turn.host = random(item.hosts)
   72             else
   73                 turn.host = item.host
   74             end
   75             reply:tag("service", turn):up();
   76         end
   77     end
   78     origin.send(reply);
   79     return true;
   80 end);